Disable record splitting in fuzzer mode.
Record splitting is a send-side only behaviour and supporting it in fuzzer mode was messy. Change-Id: I406d2cc77f1d83ed2039a85b95acdfbc815f5a44 Reviewed-on: https://boringssl-review.googlesource.com/17944 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
Adam Langley
parent
a3d76d019f
commit
14308731e5
@ -139,10 +139,14 @@ static const uint8_t kMaxWarningAlerts = 4;
|
||||
/* ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
|
||||
* state needs record-splitting and zero otherwise. */
|
||||
static int ssl_needs_record_splitting(const SSL *ssl) {
|
||||
#if !defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
||||
return ssl->s3->aead_write_ctx != NULL &&
|
||||
ssl->s3->aead_write_ctx->version < TLS1_1_VERSION &&
|
||||
(ssl->mode & SSL_MODE_CBC_RECORD_SPLITTING) != 0 &&
|
||||
SSL_CIPHER_is_block_cipher(ssl->s3->aead_write_ctx->cipher);
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) {
|
||||
@ -467,11 +471,9 @@ static int tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
|
||||
|
||||
size_t split_record_len = prefix_len + 1 + split_suffix_len;
|
||||
|
||||
#if !defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
||||
assert(SSL3_RT_HEADER_LENGTH + ssl_cipher_get_record_split_len(
|
||||
ssl->s3->aead_write_ctx->cipher) ==
|
||||
split_record_len);
|
||||
#endif
|
||||
|
||||
/* Write the n-1-byte fragment. The header gets split between |out_prefix|
|
||||
* (header[:-1]) and |out| (header[-1:]). */
|
||||
|
||||
Loading…
Reference in New Issue
Block a user